=====

Most recently, Mozilla and the Electronic Frontier Foundation (EFF) announced “Let’s Encrypt,” their collaboration with Cisco, Akamai, IdenTrust, and researchers at the University of Michigan in attempt to take the first big step towards a more universally secure Internet. One of the biggest weaknesses in the underlying architecture of the web as it exists currently is the highly bureaucratic and complex (not to mention costly) system required for websites to obtain and deploy the SSL/TSL certificates needed to protect your web surfing experience (these are the basic pieces of information that allow the little lock icon to work in your browser, signaling your session is private and secure). “Let’s Encrypt” will extend these digital certificates to all websites by starting an easy-to-use and free-of-charge certificate authority that issues them; this means that web encryption will not just be available to big players like banking services or email providers, but will set a much higher bar for Internet security across all websites, regardless of their ability to pay for a certificate or properly install it.

We are strong, adamant supporters of this initiative and are excitedly awaiting it’s unveiling in 2015 under a new nonprofit called the Internet Security Research Group (ISRG).

In addition to this, Mozilla announced it’s own strategic privacy initiative in collaboration the Tor Project and CDT. We’ll be consulting “on privacy technology, open standards, and future product collaborations” with the open-source browser to help it more effectively and appropriately bring privacy features into its products. “We want to accelerate pragmatic and user-focused advances in privacy technology for the Web, giving users more control, awareness and protection in their Web experiences,” the company explained via its privacy blog. – We believe in the possibilities that privacy innovations could make possible, and are excited and honored to be a part of the process. – What do these changes mean for the short- and long- term future of the security of the Internet? – There will soon be no excuses for not baking encryption into web services, and in turn, consumer privacy and protection into the tools we use to navigate the digital highway.

– “Our ultimate aim is for human rights defenders, journalists and civil society groups to be able to carry out their legitimate work without fear of surveillance, harassment, intimidation, arrest or torture,” Amnesty International said in an online posting introducing Detekt. – Whistleblower Edward Snowden exposed the extent of government surveillance on activists and citizens. Amnesty said it is concerned about a chill on human rights activists and journalists, especially those in repressive countries, because of such surveillance.

=========

Microsoft fixes 19-year old Windows bug { * – Microsoft Corp issued patches on Tuesday to fix a bug in its Windows operating system that remained undiscovered for 19 years. – The bug, which is present in every version of Microsoft Windows from Windows 95 onward, allows an attacker to remotely take over and control a computer.

– IBM Corp’s cybersecurity research team discovered the bug in May, describing it as a “significant vulnerability” in the operating system. – “The buggy code is at least 19 years old and has been remotely exploitable for the past 18 years,” IBM X-Force research team said in its blog on Tuesday. – *

*** The bugs were not “undiscovered”, Government Hackers spoke about this on Coast to Coast A.M. before the summer of 2002. Art Bell was the host. This program is not listed in the current Coast to Coast A.M. archives, at least I could not find it by searching ‘hackers’. 3 men who were quite ‘enthusiastic’ and talkative about their experience working for hackers for US Government agencies that ‘officially do not exist’ -one of them told us he has an ashtray with one of those officially non-existent agency’s official logo on it- told us that microsoft was fully aware of holes in their operating system but were not going to do anything about it because the government of the US liked it the way it was. They said it was simple for any hacker to get into your computer if you were ‘running windows’ -“Especially if you have printer sharing turned on.” && They also said they liked Apple Computers back then because it was possible to tell a Mac to do only one thing at a time, not like windows computers which could have all sorts of nonsense going on undetected in the background. – AND Another Coast to Coast A.M. guest, much more recently, related talking to a computer pioneer a long time ago, when dial ups were the latest thing, and when the computer guy finished showing him something, he would not leave the room without shutting off his computer, and disconnecting the phone line from his computer. When the C2C guest asked the computer guy what that was all about, the computer guy said that he, as in insider, knew that the US Government could already get into anyone’s computer that was connected to Delphi or GEnie or AOL, even if the computer had been turned off. — And, now that almost every computer in the world has WiFi capabilities- you can never fully disconnect yourself from the possibility that they can turn your computer on and gather any information you have, or were ever connected to- any time they want to do that- With the possible exception that you might be ‘safe’ if you live inside a Faraday cage, a hundred feet or more beneath the surface of this planet. Welcome to the future, it sucks. —jim w— }